<?
/**
*  后台账号管理
*  2014/9/18
*/
include("database.php");

include("session.php");
require("ajax_base.php");

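// Request dispatcher for back-office account management on the crm_user table.
// The action is chosen by $_GET['action']; each branch echoes a short status
// token or a JSON payload.
//
// Every value taken from $_GET/$_POST/$_SESSION is validated or escaped before
// it is concatenated into SQL. The original code concatenated them raw.
//
// NOTE(review): no role or permission check is visible in this script before
// del/add/edit; confirm that session.php restricts these actions to
// administrators.
$db = new SimpleDB();
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
$table_name = "crm_user";

// Reads $source[$key] as a decimal integer; returns null when the value is
// absent or is not a plain (optionally negative) run of digits.
$int_param = function ($source, $key) {
	if (!isset($source[$key]) || !is_scalar($source[$key])) {
		return null;
	}
	$raw = (string)$source[$key];
	return preg_match('/\A-?\d+\z/', $raw) ? (int)$raw : null;
};

// Returns the record id from $source, or stops the request when it is not a
// non-negative integer, so that no SQL is built from a malformed id.
$require_id = function ($source) use ($int_param) {
	$id = $int_param($source, 'id');
	if ($id === null || $id < 0) {
		die('invalid_id');
	}
	return $id;
};

// Wraps a value as a quoted SQL string literal.
// NOTE(review): addslashes() is a stopgap, not a substitute for the database
// driver's own escaping or bound parameters. It is unreliable with multibyte
// connection charsets such as GBK, and it double-escapes input if
// magic_quotes_gpc is enabled. SimpleDB's API is not visible here; switch to
// its parameter binding or escaping if it provides one.
$sql_string = function ($value) {
	return "'" . addslashes(is_scalar($value) ? (string)$value : '') . "'";
};

// Keeps only entries whose key looks like a plain column identifier and whose
// value is scalar, so request keys cannot carry SQL into the column list.
// NOTE(review): this is not a column allowlist. A client can still set any
// real column (user_flag, user_status, userpass, ...) through add/edit;
// replace it with an explicit list of editable columns.
$column_fields = function ($fields) {
	$clean = array();
	foreach ($fields as $column => $value) {
		if (is_string($column) && preg_match('/\A[A-Za-z_][A-Za-z0-9_]*\z/', $column) && is_scalar($value)) {
			$clean[$column] = $value;
		}
	}
	return $clean;
};

if($action === "del") {
	// NOTE(review): a state-changing delete is reachable by GET and no CSRF
	// token is checked in this file; consider requiring POST plus a token.
	$db->doDelete($table_name, 'id='.$require_id($_GET));
	echo "ok";

} else if($action === "list") {
	$condition = "1=1";
	// A missing, non-numeric or zero status means "no status filter".
	$user_status = $int_param($_GET, 'user_status');
	if($user_status !== null && $user_status !== 0) {
		$condition .= " and user_status=".$user_status;
	}
	if(isset($_GET['username'])) {
		$condition .= " and username=".$sql_string($_GET['username']);
	}
	$sql = "select id,username,truename, user_flag, user_status, last_login, login_count from $table_name where $condition order by username ";
	// $dic_data is not defined in this file; presumably provided by an include.
	echo to_grid_json($db, $sql, $dic_data, array("username"=>"blue_color_mapper","telephone"=>"red_color_mapper"));

} else if($action === "get") {
	// NOTE(review): "select *" sends every column, including userpass, to the
	// client. Left unchanged because the edit form may round-trip the full row;
	// narrow the column list once that has been checked.
	$sql = "select * from $table_name where id=".$require_id($_GET);
	$arr = $db->getOneRecordArray($sql);
	echo array_to_json($arr);

} else if($action === "get_by_uid") {
	// NOTE(review): this branch reads $_SESSION['uid'] while modify_pwd reads
	// $_SESSION['crm_uid']; confirm which session key is the right one.
	$uid = isset($_SESSION['uid']) ? $_SESSION['uid'] : '';
	$sql = "select * from $table_name where username=".$sql_string($uid);
	$arr = $db->getOneRecordArray($sql);
	echo array_to_json($arr);

} else if($action === "add") {
	$username = isset($_POST['username']) ? $_POST['username'] : '';
	if($db->getOneRecord("select id from $table_name where username=".$sql_string($username)) != null) {
		echo 'username_exists';
		exit;
	}
	// The id is never taken from the client on insert.
	$fields = $_POST;
	unset($fields['id']);
	// NOTE(review): how doInsert() quotes the values is not visible here.
	$db->doInsert($table_name, $column_fields($fields));
	echo 'ok';

} else if($action === "edit") {
	$id = $require_id($_POST);
	$fields = $_POST;
	unset($fields['id']);
	// NOTE(review): how doUpdate() quotes the values is not visible here.
	$db->doUpdate($table_name, $column_fields($fields), 'id='.$id);
	echo 'ok';

} else if($action === "modify_pwd") {
	$uid = isset($_SESSION['crm_uid']) ? $_SESSION['crm_uid'] : '';
	$old_pass = (isset($_POST['o_userpass']) && is_string($_POST['o_userpass'])) ? $_POST['o_userpass'] : null;
	$new_pass = (isset($_POST['n_userpass']) && is_string($_POST['n_userpass'])) ? $_POST['n_userpass'] : null;

	$sql = "select userpass from crm_user where username=".$sql_string($uid);
	$arr = $db->getOneRecordArray($sql);

	// Strict comparison: the original "!=" let a missing record (null) match an
	// empty old password and let numeric-looking strings compare equal.
	// NOTE(review): the comparison shows userpass is stored as submitted, i.e.
	// in plaintext. Migrating to password_hash()/password_verify() needs a
	// coordinated change in the login code, which is not in this file.
	$stored = (is_array($arr) && isset($arr['userpass'])) ? (string)$arr['userpass'] : null;
	$matches = false;
	if($stored !== null && $old_pass !== null) {
		$matches = function_exists('hash_equals') ? hash_equals($stored, $old_pass) : ($stored === $old_pass);
	}
	if(!$matches) {
		die("o_userpass_incorrect");
	}
	// Refuse to overwrite the password with a missing or empty value.
	if($new_pass === null || $new_pass === '') {
		die("n_userpass_invalid");
	}
	$db->doUpdate($table_name, array("userpass"=>$new_pass), "username=".$sql_string($uid));
	echo 'ok';

}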

?>